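# Layer-3 NAT handling: defines reload(), apply() and revert() for the
# configure-layer3 options named in the comments below (-t, -a; -c does
# nothing). Which reload()/apply() pair gets defined depends on whether the
# UCI option gateway.@client[0].nat exists when this code runs.
#
# NOTE(review): every function here runs `iptables -t nat --flush`, which
# empties ALL chains of the nat table, not only the SNAT rule managed here.
# Any other NAT/DNAT rule (e.g. port forwards installed by another component)
# is removed as well - confirm this is intended on the target system.

# Path of the persisted SNAT rule. apply() writes it and revert() sources it
# as shell code, so only validated values may ever be written into it.
# NOTE(review): the file is executed with the caller's privileges; it should
# be writable by root only - verify the permissions of /usr/lib/firewall.d.
L3_NAT_RULE_FILE=/usr/lib/firewall.d/30-NAT

# _l3_addr_is_safe VALUE
# Returns 0 when VALUE is non-empty, does not start with '-' (it would be
# parsed as an iptables option) and consists only of digits and '.', '/',
# ':' and '-', i.e. the characters of an IPv4 address, a CIDR mask and an
# address/port range. Everything else (whitespace, quotes, ';', '$', ...)
# is rejected, because the value is written into a file that is later
# sourced as shell code.
# NOTE(review): host names are deliberately not accepted - confirm that no
# deployment relies on a host name in ipaddr.
_l3_addr_is_safe() {
  case "$1" in
    '' | -* | *[!0-9.:/-]*) return 1 ;;
  esac
  return 0
}

# _l3_nat_args_ok
# Checks $ipaddr and $peer_ip before they reach iptables or the rule file.
# Prints the reason on stderr and returns 1 if either one is unusable.
_l3_nat_args_ok() {
  if ! _l3_addr_is_safe "$ipaddr"; then
    echo "ERROR: ipaddr is empty or not a plain address, NAT rule not changed" >&2
    return 1
  fi
  if ! _l3_addr_is_safe "$peer_ip"; then
    echo "ERROR: peer_ip is empty or not a plain address, NAT rule not changed" >&2
    return 1
  fi
  return 0
}

# First read IP addresses
# (the UCI path is quoted so that '[0]' is never treated as a glob pattern)
if ! ipaddr=$(uci get 'gateway.@client[0].ipaddr'); then
  echo "WARNING: No ipaddr set!"
fi

# configure-layer3 -c do nothing

# Check if NAT is set
# NOTE(review): `uci -q get` succeeds whenever the option exists, whatever its
# value - a value of '0' would still select the NAT branch. Confirm that the
# option is deleted, not set to 0, when NAT is switched off.
if uci -q get 'gateway.@client[0].nat'; then
  # If NAT is set
  if ! peer_ip=$(uci get gateway.meta.peer_ip); then
    echo "WARNING: No peer_ip set! For NAT you must set a peer_ip"
  fi

  # configure-layer3 -t - reload: set the iptables rule, not reboot-safe
  reload() {
    # Validate before flushing, so that a bad value does not leave the
    # table empty with no SNAT rule in it.
    _l3_nat_args_ok || return 1
    # first we flush the table
    iptables -t nat --flush
    # and load the new settings
    iptables -t nat -A POSTROUTING -s "$ipaddr" -j SNAT --to-source "$peer_ip"
  }

  # configure-layer3 -a - apply: write the iptables rule to the firewall
  # directory and set the rule again, because it is possible that the rule is
  # not set at this point but is needed.
  apply() {
    _l3_nat_args_ok || return 1
    # Persist the rule first. Both values passed the check above, so they can
    # be written unquoted and the file content stays a single iptables call.
    if ! printf 'iptables -t nat -A POSTROUTING -s %s -j SNAT --to-source %s\n' \
      "$ipaddr" "$peer_ip" > "$L3_NAT_RULE_FILE"; then
      echo "ERROR: cannot write $L3_NAT_RULE_FILE, NAT rule not changed" >&2
      return 1
    fi
    iptables -t nat --flush
    iptables -t nat -A POSTROUTING -s "$ipaddr" -j SNAT --to-source "$peer_ip"
  }
else
  # If NAT is not set

  # configure-layer3 -t - reload: flush the iptables nat table
  reload() {
    # we only flush the table
    iptables -t nat --flush
  }

  # configure-layer3 -a - apply: flush the iptables rule and delete the
  # persisted firewall rule
  apply() {
    # we flush the table
    iptables -t nat --flush
    # and delete the firewall rule file; -f keeps a missing file from being
    # reported as an error
    rm -f -- "$L3_NAT_RULE_FILE"
    # nobody needs NAT, we win! \o/
  }
fi

# revert is the same whether NAT is set or not
revert() {
  # first we flush the table
  iptables -t nat --flush
  # and load the old settings. Without a persisted rule there is nothing to
  # restore; sourcing a missing file is an error and can terminate a
  # non-interactive POSIX shell.
  [ -f "$L3_NAT_RULE_FILE" ] || return 0
  . "$L3_NAT_RULE_FILE"
}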